Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30515
HistoryMay 01, 2014 - 12:00 a.m.

[USN-2188-1] elfutils vulnerability

2014-05-0100:00:00
vulners.com
18
JSON

==========================================================================
Ubuntu Security Notice USN-2188-1
April 30, 2014

elfutils vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 13.10
  • Ubuntu 12.10

Summary:

elfutils could be made to crash or run programs if it processed a specially
crafted file.

Software Description:

  • elfutils: collection of utilities to handle ELF objects

Details:

Florian Weimer discovered that the elfutils libdw library incorrectly
handled malformed compressed debug sections in ELF files. If a user or
automated system were tricked into processing a specially crafted ELF file,
applications linked against libdw could be made to crash, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
libdw1 0.158-0ubuntu5.1

Ubuntu 13.10:
libdw1 0.157-1ubuntu1.1

Ubuntu 12.10:
libdw1 0.153-1ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2188-1
CVE-2014-0172

Package Information:
https://launchpad.net/ubuntu/+source/elfutils/0.158-0ubuntu5.1
https://launchpad.net/ubuntu/+source/elfutils/0.157-1ubuntu1.1
https://launchpad.net/ubuntu/+source/elfutils/0.153-1ubuntu1.1

– ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Related

openvas 9
fedora 3
nessus 7
cve 1
prion 1
ubuntu 1
debiancve 1
gentoo 1
securityvulns 1
ubuntucve 1
mageia 1
amazon 1
openvas
openvas
Fedora Update for elfutils FEDORA-2014-5015
2014-04-21 00:00:00
Fedora Update for elfutils FEDORA-2014-5031
2014-05-05 00:00:00
Fedora Update for elfutils FEDORA-2014-5031
2014-05-05 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: elfutils-0.158-3.fc20
2014-04-18 15:37:02
[SECURITY] Fedora 19 Update: elfutils-0.158-3.fc19
2014-04-30 04:06:47
[SECURITY] Fedora 20 Update: elfutils-0.161-2.fc20
2015-01-20 20:59:07
nessus
nessus
Fedora 19 : elfutils-0.158-3.fc19 (2014-5031)
2014-04-30 00:00:00
openSUSE Security Update : elfutils (openSUSE-SU-2014:0974-1)
2014-08-12 00:00:00
GLSA-201612-32 : elfutils: Heap-based buffer overflow
2016-12-13 00:00:00
cve
cve
CVE-2014-0172
2014-04-11 15:55:00
prion
prion
Integer overflow
2014-04-11 15:55:00
ubuntu
ubuntu
elfutils vulnerability
2014-04-30 00:00:00
debiancve
debiancve
CVE-2014-0172
2014-04-11 15:55:00
gentoo
gentoo
elfutils: Heap-based buffer overflow
2016-12-13 00:00:00
securityvulns
securityvulns
elfutils libdw memory corruption
2014-05-01 00:00:00
ubuntucve
ubuntucve
CVE-2014-0172
2014-04-11 00:00:00
mageia
mageia
Updated elfutils package fixes CVE-2014-0172
2014-04-16 17:16:12
amazon
amazon
Medium: elfutils
2014-05-21 10:48:00
JSON
Related for SECURITYVULNS:DOC:30515
openvas9fedora3nessus7cve1prion1ubuntu1debiancve1gentoo1securityvulns1ubuntucve1mageia1amazon1